package jzqb.dao.impl;


import cnki.tpi.kbatis.sqlsession.SqlSession;
import cnki.tpi.kbatis.utils.DataSourceUtil;
import haha.life.normal.TokenUtils;
import jzqb.dao.AdminCheckPermissionsDao;
import jzqb.po.*;
import org.springframework.stereotype.Repository;

import javax.servlet.http.HttpServletRequest;
import java.util.*;

@Repository
public class AdminCheckPermissionsDaoImpl implements AdminCheckPermissionsDao {

//    @Override
//    public Boolean checkPermissions(HttpServletRequest request, String[] permissionTypeList_) {
//        String token = request.getHeader("token");
//        String userID =  TokenUtils.checkTokenReturnID(token);
//
//        //1 获取此人的id(已知)和部门(可能有多个)
//        SqlSession sqlSession = DataSourceUtil.getSqlSession();
//        String statementId_1 = "jzqb.dao.AdminUserInfoDao.findUserById";
//        AdminUserPo userPo = sqlSession.selectOne(statementId_1, userID, false);
//
//        ArrayList<String> deps = new ArrayList<String>();
//        if (!userPo.getDepartmentid().equals("")){
//            for (String depId:userPo.getDepartmentid().split(";")) {
//                deps.add(depId);
//            }
//        }
//
//        //2 通过id和部门获取此人的权限组集合
//        String statementId_2 = "jzqb.dao.AdminPermissionDao.getQXZByID_deps";
//        ArrayList<String> conditionList = new ArrayList<String>();
//        conditionList.add("用户成员 = " + "'" + userID + "'");
//        for (String depid:deps) {
//            conditionList.add("部门成员 =" + "'" + depid + "'");
//        }
//
//        String condition = String.join(" or ",conditionList);
//
//        List<AdminPermissionGroupPo> adminPermissionGroupPoList =  sqlSession.selectList(statementId_2, condition,false);
//
//        //
//        ArrayList<String> allPermissionGroupIdList = new ArrayList<String>();
//        for (AdminPermissionGroupPo adminPermissionGroupPo:adminPermissionGroupPoList
//        ) {
//            allPermissionGroupIdList.add(adminPermissionGroupPo.getPermissionGroupID());
//        }
//        //3 获取权限组集合具有的所有权限
//        ArrayList<String> conditionList_2 = new ArrayList<String>();
//        for (String permissionGroupId:allPermissionGroupIdList
//        ) {
//            conditionList_2.add("权限组ID=" + permissionGroupId);
//        }
//        String condition_2 = String.join(" or ",conditionList_2);
//        String statementId_3 = "jzqb.dao.AdminPermissionDao.getQXByQXZs";
//        List<AdminPermissionPo> adminPermissionPoList =  sqlSession.selectList(statementId_3, condition_2,false);
//        System.err.println("认证3:此人的所有 权限 有:"+adminPermissionPoList);
//        //4 判断本次请求所需权限是否 是 步骤3 的子集
//
//        int currentCount = 0;
//        for (String per:permissionTypeList_) {
//            for (AdminPermissionPo po:adminPermissionPoList) {
//                for (String permisSingle:po.getIncludes().split(";")) {
//                        if (permisSingle.equals(per)){
//                            currentCount+=1;
//                        }
//                    }
//
//            }
//        };
//
//        if (totalNeedPermission == currentCount){
//            return true;
//        }else {
//            return false;
//        }
//
//    }


    /*
    * 判断登录人是否在权限组中,在permissionGroupList中的任意一个也算
    * */
    @Override
    public Boolean inPermissionGroup(HttpServletRequest request, String[] permissionGroupList) {
        /*
        *  token-->userid-----------|
        *           ↓               |
        *         用户对象          |---->此人的所有权限组集合---->该集合和参数permissionGroupList是否有交集-->是:return true;
        *           ↓              |                                                                       否:return false
        *       此人的所有部门------|
        * */
        String token = request.getHeader("token");
        String userID =  TokenUtils.checkTokenReturnID(token);

        //1 获取此人的id(已知)和部门(可能有多个)
        SqlSession sqlSession = DataSourceUtil.getSqlSession();
        String statementId_1 = "jzqb.dao.AdminUserInfoDao.findUserById";
        AdminUserPo userPo = sqlSession.selectOne(statementId_1, userID, false);

        ArrayList<String> deps = new ArrayList<String>();
        if (!userPo.getDepartmentid().equals("")){
            for (String depId:userPo.getDepartmentid().split(";")) {
                deps.add(depId);
            }
        }

        //2 通过id和部门获取此人的权限组集合
        String statementId_2 = "jzqb.dao.AdminPermissionDao.getQXZByID_deps";
        ArrayList<String> conditionList = new ArrayList<String>();
        conditionList.add("用户成员 = " + "'" + userID + "'");
        for (String depid:deps) {
            conditionList.add("部门成员 =" + "'" + depid + "'");
        }

        String condition = String.join(" or ",conditionList);

        List<AdminPermissionGroupPo> adminPermissionGroupPoList =  sqlSession.selectList(statementId_2, condition,false);

        //
        ArrayList<String> allPermissionGroupIdList = new ArrayList<String>();
        for (AdminPermissionGroupPo adminPermissionGroupPo:adminPermissionGroupPoList
        ) {
            allPermissionGroupIdList.add(adminPermissionGroupPo.getPermissionGroupID());
        }

        //获取此人的所有权限组
        Set hisAllPermissionSet = new HashSet();
        hisAllPermissionSet.addAll(allPermissionGroupIdList);

        //获取本次操作所需要的权限组集合
        Set needPermissionSet = new HashSet();
        ArrayList<String> argList = new ArrayList<String>();
        for (String s:permissionGroupList){
            argList.add(s);
        }
        needPermissionSet.addAll(argList);

        boolean notJoint = Collections.disjoint(hisAllPermissionSet, needPermissionSet );
        return !notJoint;
    }


    /*
     * 判断登录人是否在权限组中,全部都在permissionGroupList中才会返回true
     * */
    @Override
    public Boolean inPermissionGroup_Total(HttpServletRequest request, String[] permissionGroupList) {
        /*
         *  token-->userid-----------|
         *           ↓               |
         *         用户对象          |---->此人的所有权限组集合---->该集合和参数permissionGroupList是否真包含-->是:return true;
         *           ↓              |                                                                       否:return false
         *       此人的所有部门------|
         * */
        String token = request.getHeader("token");
        String userID =  TokenUtils.checkTokenReturnID(token);

        //1 获取此人的id(已知)和部门(可能有多个)
        SqlSession sqlSession = DataSourceUtil.getSqlSession();
        String statementId_1 = "jzqb.dao.AdminUserInfoDao.findUserById";
        AdminUserPo userPo = sqlSession.selectOne(statementId_1, userID, false);

        ArrayList<String> deps = new ArrayList<String>();
        if (!userPo.getDepartmentid().equals("")){
            for (String depId:userPo.getDepartmentid().split(";")) {
                deps.add(depId);
            }
        }

        //2 通过id和部门获取此人的权限组集合
        String statementId_2 = "jzqb.dao.AdminPermissionDao.getQXZByID_deps";
        ArrayList<String> conditionList = new ArrayList<String>();
        conditionList.add("用户成员 = " + "'" + userID + "'");
        for (String depid:deps) {
            conditionList.add("部门成员 =" + "'" + depid + "'");
        }

        String condition = String.join(" or ",conditionList);

        List<AdminPermissionGroupPo> adminPermissionGroupPoList =  sqlSession.selectList(statementId_2, condition,false);

        //
        ArrayList<String> allPermissionGroupIdList = new ArrayList<String>();
        for (AdminPermissionGroupPo adminPermissionGroupPo:adminPermissionGroupPoList
        ) {
            allPermissionGroupIdList.add(adminPermissionGroupPo.getPermissionGroupID());
        }

        //获取此人的所有权限组
        Set hisAllPermissionSet = new HashSet();
        hisAllPermissionSet.addAll(allPermissionGroupIdList);

        //获取本次操作所需要的权限组集合
        Set needPermissionSet = new HashSet();
        ArrayList<String> argList = new ArrayList<String>();
        for (String s:permissionGroupList){
            argList.add(s);
        }
        needPermissionSet.addAll(argList);

        boolean result = hisAllPermissionSet.containsAll(needPermissionSet);
        return result;
    }

    @Override
    public List<AdminDepartmentPo> findLeadDeptLis(String userId) {
        SqlSession sqlSession = DataSourceUtil.getSqlSession();
        String statementId = "jzqb.dao.AdminPermissionDao.findLeadDeptLis";
        List<AdminDepartmentPo>  deptList = sqlSession.selectList(statementId, userId, false);
        return deptList;
    }

    @Override
    public boolean showSelfBaseButton(String userid) {
        //1 获取此人的id(已知)和部门(可能有多个)
        SqlSession sqlSession = DataSourceUtil.getSqlSession();
        String statementId_1 = "jzqb.dao.AdminUserInfoDao.findUserById";
        AdminUserPo userPo = sqlSession.selectOne(statementId_1, userid, false);

        ArrayList<String> deps = new ArrayList<String>();
        if (!userPo.getDepartmentid().equals("")){
            for (String depId:userPo.getDepartmentid().split(";")) {
                deps.add(depId);
            }
        }

        // 2 id+部门==>数据权限组
        String statementId_2 = "jzqb.dao.AdminPermissionDao.getSJQXZByID_deps";
        ArrayList<String> conditionList = new ArrayList<String>();
        conditionList.add("用户成员 = " + "'" + userid + "'");
        for (String depid:deps
        ) {
            conditionList.add("部门成员 =" + "'" + depid + "'");
        }
        String condition = String.join(" or ",conditionList);

        List<AdminPermissionGroupPo> adminPermissionGroupPoList =  sqlSession.selectList(statementId_2, condition,false);

        //数据权限组==>数据权限
        ArrayList<String> searchDataPermissionConditionList = new ArrayList<String>();
        for (AdminPermissionGroupPo adminPermissionGroupPo:adminPermissionGroupPoList
        ) {
            searchDataPermissionConditionList.add("权限组ID = " + "'"+adminPermissionGroupPo.getPermissionGroupID()+ "'");
        }
        String searchDataPermissionConditionStr = String.join(" or ",searchDataPermissionConditionList);

        //如果没有任何数据权限,直接返回false
        if (searchDataPermissionConditionList.size()==0){
            return false;
        }

        String getDataPermissionBypermissionGroup_sql = "jzqb.dao.AdminPermissionDao.getDataPermissionBypermissionGroupIDs";
        List<AdminDataPermissionPo> dataPermissions =  sqlSession.selectList(getDataPermissionBypermissionGroup_sql, searchDataPermissionConditionStr,false);

        //获取访问资源的领域
//        String getFieldOfResource = "jzqb.dao.QBZSDao.getQBZSInfo";
////        String QBZSconditionStr = String.format("SYS_FLD_SYSID='%s'",qbzsBo.getSysID());
//        QBZSPo QBZSpo = sqlSession.selectOne(getFieldOfResource, qbzsBo,false);

        for (AdminDataPermissionPo po:dataPermissions){
            if ("JZZY_METADATA".equals(po.getDbCode())){
                return true;
            }
        }
        return false;
    }
}
